Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add register endpoint #53

Merged
merged 14 commits into from
Aug 30, 2021
Merged

add register endpoint #53

merged 14 commits into from
Aug 30, 2021

Conversation

pep1032314
Copy link
Collaborator

  • add register endpoint
    • add register endpoint unit test

close #28

chomosuke
chomosuke requested changes Aug 29, 2021
View reviewed changes
Copy link
Owner

@chomosuke chomosuke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

basically fix stuff that's not passing the linter

server/src/__tests__/api/register.ts Outdated Show resolved Hide resolved
server/src/__tests__/helpers.ts Show resolved Hide resolved
server/src/__tests__/helpers.ts Outdated Show resolved Hide resolved
server/src/api/register.ts Outdated Show resolved Hide resolved
server/src/api/register.ts Outdated Show resolved Hide resolved
chomosuke
chomosuke requested changes Aug 29, 2021
View reviewed changes
Copy link
Owner

@chomosuke chomosuke left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've stolen package-lock.json from my branch to fix this. I do not have enough expertise to know how. Does @shangzhel know how?

Also may @shangzhel confirm what I've observed from bcrypt documentation?

server/src/api/register.ts Outdated
// generate a new user document in the user collection
await this.Users.create({
username,
password,
Copy link
Owner

@chomosuke chomosuke Aug 29, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your password here needs to be hashed a second time.

You want to use hashSync from bcrypt with a genSaltSync to get the salt.

Or you can use the async version.

image

Also use the login endpoint to verify your endpoint instead of looking at the database

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@chomosuke will this work when zhangzhe's login use this V
image

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's exactly why i'm asking you to hash it again

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you don't hash it again, it won't work

@shangzhel shangzhel added the enhancement New feature or request label Aug 30, 2021
@shangzhel shangzhel added this to Sprint 1 in Product backlog via automation Aug 30, 2021
@shangzhel shangzhel added this to In progress in Sprint 1 via automation Aug 30, 2021
@shangzhel shangzhel added this to the Sprint 1 milestone Aug 30, 2021
@chomosuke chomosuke self-requested a review August 30, 2021 12:30
chomosuke
chomosuke requested changes Aug 30, 2021
View reviewed changes
server/src/__tests__/api/register.ts Outdated
@@ -50,7 +50,6 @@ describe('register unit tests', () => {
expect(res.sendStatus).toBeCalledTimes(1);
// check whether a new user is created in the db
expect(router.Users.create).toBeCalledTimes(1);
expect(router.Users.create).toBeCalledWith({ username, password });
Copy link
Owner

@chomosuke chomosuke Aug 30, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can still check whether the hash is correct by using compareSync with bcrypt, as I've shown you in the screenshot of my last review.
Or as shangzhe has done in his login endpoint.

Sprint 1 automation moved this from In progress to In review Aug 30, 2021
@chomosuke chomosuke self-requested a review August 30, 2021 13:50
chomosuke
chomosuke approved these changes Aug 30, 2021
View reviewed changes
Copy link
Owner

@chomosuke chomosuke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You NEED TO test your code with a local database and postman. There's one very obvious bug I had to fix that can only be found by manual integration testing.

Even if we write our own integration test. You should still manually test to see if stuff work.

shangzhel
shangzhel requested changes Aug 30, 2021
View reviewed changes
Copy link
Collaborator

@shangzhel shangzhel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor changes needed, otherwise good.

server/src/api/register.ts Outdated
// ensure there is no existing identical username
if (users.length === 0) {
// generate a new user document in the user collection
const hashedPw = hashSync(password, genSaltSync());
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use the async bcrypt functions hash and genSalt, and await them. No sense in blocking when it's not necessary nor inconvenient.

server/src/__tests__/api/register.ts Outdated
expect(router.Users.create).toBeCalledTimes(1);

const firstParameter = (
router.Users.create as jest.MockedFunction<typeof router.Users.create>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can avoid this type cast by declaring create as a local variable then assigning it to the mock Users object.

shangzhel
shangzhel approved these changes Aug 30, 2021
View reviewed changes
Copy link
Collaborator

@shangzhel shangzhel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@shangzhel
Copy link
Collaborator

Just gonna merge it because it's no longer WIP.

@shangzhel shangzhel merged commit 26814d5 into master Aug 30, 2021
Sprint 1 automation moved this from In review to Done Aug 30, 2021
Product backlog automation moved this from Sprint 1 to Sprint 1 Done Aug 30, 2021
@shangzhel shangzhel deleted the register branch August 30, 2021 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chomosuke chomosuke chomosuke approved these changes

@shangzhel shangzhel shangzhel approved these changes

Assignees

@pep1032314 pep1032314

Labels
enhancement New feature or request
Projects
Product backlog
  
Sprint 1 Done
Sprint 1
  
Done
Milestone
Sprint 1
Development

Successfully merging this pull request may close these issues.

Implement registration endpoint -- POST @ api/register
3 participants
@pep1032314 @shangzhel @chomosuke